即时编写此代码
public ActionResult Login(LoginModel model, string returnUrl)
{
if (!ModelState.IsValid)
{
return View(model);
}
var success = UserService.Login(model.UserName, model.Password, UserUserSession.IpAddress, UserUserSession.MacAddress);
if (success)
{
FormsAuthentication.SetAuthCookie(model.UserName, true);
return RedirectToLocal(returnUrl);
}
return View(model);
}
而不是
var result = await SignInManager.PasswordSignInAsync(model.UserName, model.Password, model.RememberMe, shouldLockout: false);
switch (result)
{
case SignInStatus.Success:
return RedirectToLocal(returnUrl);
case SignInStatus.LockedOut:
return View("Lockout");
case SignInStatus.RequiresVerification:
return RedirectToAction("SendCode", new { ReturnUrl = returnUrl, model.RememberMe });
default:
ModelState.AddModelError("", "Invalid login attempt.");
return View(model);
}
所以它没有验证_login部分页面
如下所示else
@if (Request.IsAuthenticated)
{
<li>
@Html.ActionLink(User.Identity.Name, "Manage", "Account", routeValues: null, htmlAttributes: new { @class = "", title = "Manage" })
</li>
<li>
<a href="javascript:document.getElementByUserId('logoutForm').submit()">Log off</a>
@using (Html.BeginForm("LogOff", "Account", FormMethod.Post, new { id = "logoutForm", @class = "" }))
{
@Html.AntiForgeryToken()
@*<a href="javascript:document.getElementByUserId('logoutForm').submit()">Log off</a>*@
}
</li>
}
else
{
<li>@Html.ActionLink("Register", "Register", "User", routeValues: null, htmlAttributes: new { id = "registerLink", @class = "" })</li>
<li>@Html.RouteLink("Log in", "Login", routeValues: null, htmlAttributes: new { id = "loginLink", @class = "" })</li>
}
</ul>
所以有人可以建议我在登录成功后如何设置用户会话?